Director of GRC Compliance

Job Summary

A company is looking for a Director of Governance, Risk, and Compliance (GRC).

Key Responsibilities

• Develop, implement, and maintain the enterprise GRC framework and security governance policies
• Lead enterprise-wide risk assessments and manage compliance with relevant frameworks
• Build and lead a high-performing GRC team while collaborating with engineering and DevSecOps teams

Qualifications

• ~15 years of experience in Information Security and IT, with at least 10 years in risk and compliance leadership
• Deep understanding of GRC frameworks and regulatory standards (NIST, FedRAMP, ISO, SOC, CMMC)
• Experience in regulated industries such as defense, federal, or financial sectors
• Bachelor's degree in Computer Science, Information Security, or related field (Master's preferred)
• Relevant certifications strongly preferred (CISSP, CISM, CRISC, CISA, CCISO)